On Fri, 24 Apr 2009, Jelte Jansen wrote:
> The dimension I'm usually missing in these discussions is the lifetimes of keys and the lifetimes of the signatures created with those keys (although it is mentioned above). I always understood the reason for having two key types is so that one of them can be rolled more often, and have shorter signature lifetimes, while the other one lives longer, and is needed less often. So the first one would not need to be as strong as the second one.
There is another aspect.
> It's probably the Friday talking, but in that case, why even have a KSK at all?
One can be stored in a slow HSM or might be required to be "online" permanently, while the other would only be needed once a month and can be stored offline. So despite the equal key size, there is not an equal trust with these keys.

Paul

_______________________________________________
DNSOP mailing list
https://www.ietf.org/mailman/listinfo/dnsop
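As an added illustration of the lifetime argument made in this thread (example code, not from the thread or any DNSSEC implementation): a small Python policy checker that, for constructed ZSK and KSK policies, counts how often each private key must be touched in a year, how long a key must stay published after its last signature, and flags policies where an "offline" key would in practice have to be online. All policy values are assumed, not taken from the thread.

```python
import math
from dataclasses import dataclass
from datetime import timedelta


@dataclass
class KeyPolicy:
    name: str
    key_lifetime: timedelta     # how long the key is used before it is rolled
    sig_validity: timedelta     # validity period of RRSIGs made with this key
    resign_interval: timedelta  # how often the signer must touch the private key
    offline: bool               # private key kept off the signing host


def signings_per_year(p: KeyPolicy) -> int:
    """Number of times the private key must be used in a 365-day year."""
    return math.ceil(timedelta(days=365) / p.resign_interval)


def retire_after(p: KeyPolicy, max_ttl: timedelta) -> timedelta:
    """A DNSKEY must stay published until every RRSIG made with it has
    expired and aged out of caches, not merely until the key is rolled."""
    return p.key_lifetime + p.sig_validity + max_ttl


def policy_problems(p: KeyPolicy, min_offline_gap=timedelta(days=7)) -> list:
    """Return human-readable problems with a key policy (empty list = fine)."""
    issues = []
    if p.resign_interval >= p.sig_validity:
        issues.append(f"{p.name}: RRSIGs expire before they are refreshed")
    if p.offline and p.resign_interval < min_offline_gap:
        issues.append(f"{p.name}: 'offline' key would be needed more than weekly")
    return issues


# Constructed example policies (assumed values): the ZSK is rolled monthly and
# used daily; the KSK lives a year and signs only the DNSKEY RRset once a month,
# so it can sit offline or in a slow HSM. BAD shows a KSK policy that cannot
# actually be kept offline.
ZSK = KeyPolicy("ZSK", timedelta(days=30), timedelta(days=14), timedelta(days=1), offline=False)
KSK = KeyPolicy("KSK", timedelta(days=365), timedelta(days=35), timedelta(days=30), offline=True)
BAD = KeyPolicy("bad-KSK", timedelta(days=365), timedelta(days=1), timedelta(days=1), offline=True)

if __name__ == "__main__":
    for p in (ZSK, KSK, BAD):
        print(p.name, signings_per_year(p), retire_after(p, timedelta(days=1)), policy_problems(p))
```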
